During the first connection setup, the TPP will be automatically onboarded and registered (enrolled) in the bank database. However, for security purpose, the bank requires the client certificate to be presented within each request.

Following the EBA clarification 07/06/2019, it's now possible to test the Sandbox using a test certificate. The only restriction is that the certificate used to establish the SSL MA must follow the QWAC format for PSD2, according to ETSI TS 119 495 V1.2.1 (2018-11)

For the Berlin Group APIs, the QWAC certificate has to be issued from a production CA.

Test the connection to the sandbox

Make sure that your QWAC configuration is correct by testing the following endpoint on the sandbox (no headers are necessary)